259 matches found
GHSA-F99R-JJGR-F373 SQL injection in ImpressCMS
SQL Injection in ImpressCMS 1.4.3 and earlier allows remote attackers to inject into the code in unintended way, this allows an attacker to read and modify the sensitive information from the database used by the application. If misconfigured, an attacker can even upload a malicious web shell to...
SQL injection in ImpressCMS
SQL Injection in ImpressCMS 1.4.3 and earlier allows remote attackers to inject into the code in unintended way, this allows an attacker to read and modify the sensitive information from the database used by the application. If misconfigured, an attacker can even upload a malicious web shell to...
ImpressCMS SQL Injection Vulnerability (CNVD-2022-30798)
A SQL injection vulnerability exists in ImpressCMS, a database MySQL-driven, modular content management system, which can be exploited by attackers to read and modify sensitive information from the database used by the application...
CVE-2022-26986
SQL Injection in ImpressCMS 1.4.3 and earlier allows remote attackers to inject into the code in unintended way, this allows an attacker to read and modify the sensitive information from the database used by the application. If misconfigured, an attacker can even upload a malicious web shell to...
CVE-2022-26986
SQL Injection in ImpressCMS 1.4.3 and earlier allows remote attackers to inject into the code in unintended way, this allows an attacker to read and modify the sensitive information from the database used by the application. If misconfigured, an attacker can even upload a malicious web shell to...
Sql injection
SQL Injection in ImpressCMS 1.4.3 and earlier allows remote attackers to inject into the code in unintended way, this allows an attacker to read and modify the sensitive information from the database used by the application. If misconfigured, an attacker can even upload a malicious web shell to...
CVE-2022-26986
SQL Injection in ImpressCMS 1.4.3 and earlier allows remote attackers to inject into the code in unintended way, this allows an attacker to read and modify the sensitive information from the database used by the application. If misconfigured, an attacker can even upload a malicious web shell to...
CVE-2022-26986
ImpressCMS
ImpressCMS SQL注入漏洞
A SQL injection vulnerability exists in ImpressCMS, a database MySQL-driven, modular content management system, which can be exploited by attackers to read and modify sensitive information from the database used by the application...
PT-2022-18162 · Unknown · Impresscms
Name of the Vulnerable Software and Affected Versions: ImpressCMS versions 1.4.3 and earlier Description: The issue allows remote attackers to inject code in an unintended way, enabling them to read and modify sensitive information from the database used by the application. If the system is...
CVE-2022-26986
SQL Injection in ImpressCMS 1.4.3 and earlier allows remote attackers to inject into the code in unintended way, this allows an attacker to read and modify the sensitive information from the database used by the application. If misconfigured, an attacker can even upload a malicious web shell to...
ImpressCMS 1.4.2 - Remote Code Execution (RCE)
Exploit Title: ImpressCMS 1.4.2 - Remote Code Execution RCE Exploit Author: Egidio Romano aka EgiX Date: 30/03/2022 Version: = 1.4.2 Venor: https://www.impresscms.org CVE: CVE-2021-26599 ?php / ---------------------------------------------------------- ImpressCMS = 1.4.2 SQL Injection to Remote...
ImpressCMS 1.4.2 - Remote Code Execution Exploit
Exploit Title: ImpressCMS 1.4.2 - Remote Code Execution RCE Exploit Author: Egidio Romano aka EgiX Version: = 1.4.2 Venor: https://www.impresscms.org CVE: CVE-2021-26599 ?php / ---------------------------------------------------------- ImpressCMS = 1.4.2 SQL Injection to Remote Code Execution...
GHSA-JC4V-VVG6-XG78 SQL Injection in ImpressCMS
ImpressCMS before 1.4.3 allows include/findusers.php groups SQL Injection...
Incorrect Access Control in ImpressCMS
ImpressCMS before 1.4.3 has Incorrect Access Control because include/findusers.php allows access by unauthenticated attackers who are, by design, able to have a security token...
Path Traversal in ImpressCMS
ImpressCMS before 1.4.3 allows libraries/image-editor/image-edit.php imagetemp Directory Traversal...
Type Confusion in ImpressCMS
ImpressCMS before 1.4.3 has plugins/preloads/autologin.php type confusion with resultant Authentication Bypass != instead of !==...
SQL Injection in ImpressCMS
ImpressCMS before 1.4.3 allows include/findusers.php groups SQL Injection...
GHSA-M8XH-CQC2-5Q6F Type Confusion in ImpressCMS
ImpressCMS before 1.4.3 has plugins/preloads/autologin.php type confusion with resultant Authentication Bypass != instead of !==...
GHSA-48P3-XFVW-G59C Incorrect Access Control in ImpressCMS
ImpressCMS before 1.4.3 has Incorrect Access Control because include/findusers.php allows access by unauthenticated attackers who are, by design, able to have a security token...